Hey, hope this is the right place or that I can directed to the right place. We think we’ve just discovered a bug that affects account permissions on personal access tokens. When editing an existing token’s permissions, specifically adding write:packages
permissions, repo
permissions are revoked on Update. Note that only this specific interaction causes this. It appears that you can re-apply repo permissions on a subsequent update without issue, but I figure the revocation is not intended functionality.
So, workflow:
Settings > Developer Settings > Personal access token
Note $yourToken’s permissions in italics. repo should be present
Click on $yourToken, add write:packages
, Update token.
Note $yourToken’s permissions in italics. repo is now missing and write:packages is present
Click on $yourToken again, re-add repo
, Update token.
Note $yourToken’s permissions in italics. It should read repo, write:packages